Puppet is an open-source configuration management tool from Puppet Labs. Puppet Resources are the building blocks that puppet uses to model system configurations.
The most common Puppet’s Resources are Listed below.
file resource
Manages local files. Example of file resource is mentioned below:
file { '/etc/sudoers':
ensure => file,
group => 'root',
owner => 'root',
mode => '0440',
source => '/etc/puppetlabs/puppet/files/sudoers',
} File Resource Attributes:
- path: Specifies the target location for file.
- ensure: Accepts absent, present, file, directory, and symlink. Any other value will be treated as a symlink.
- owner: Owner of file.
- group: Group of file.
- mode: Mode of file.
- content: Specifies the file content as a string.
- source: Specifies the source of file (either puppet or local).
- target: The symlink target for the file resource.
- force: Force replacement of directories with a link. Valid values (true, false).
- ignore: Omits files matching specified patterns during recursion (Ex: .svn, .git).
- recurse: Whether or not directories should be managed recursively. Valid values (true, false)
- recurselimit: The number of directories to manage recursively.
- replace: Whether to replace a file that exists, useful for initialization.
- purge: Whether or not to purge unmanaged file resources within a directory. Valid values (true, false)
Package Resource
Manages software packages. Some platforms have better package tools than others, so you’ll have to do some research on yours;
Example of Package Resource:
package { 'httpd':
ensure => present,
} Package Attributes:
- ensure — The state for this package.
- present
- latest
- {any version string}
- absent
- purged (Potentially dangerous. Ensures absent, then zaps configuration files and dependencies, including those that other.
- packages depend on. Providerdependent.)
- name — The name of the package, as known to your packaging system; defaults to title.
- source — Where to obtain the package, if your system’s packaging tools don’t use a repository.
Service Resource
Manages services running on the node. Like with packages, some platforms have better tools than others, so read up. To restart a service whenever a file changes, subscribe to the file or have the file notify the service. (subscribe => File[‘sshd _ config’] or notify => Service[‘sshd’]).
Example of a service resource type:
service { 'sshd':
ensure => running,
enable => true,
hasstatus => true,
hasrestart => true,
} Service Attributes:
- name: The name of the service as understood on the underlying services subsystem. (namevar)
- enable: If a service should be started at boot. Can be true or false.
- ensure: If the resource should currently be running. Can be true, false, running, or stopped.
- hasrestart: Specifies that your service has a restart command. Can be true or false.
- hasstatus: Specifies that your service has a status command. Can be true or false.
- pattern: The pattern to search for in the process table.
- restart: Specify a restart command.
- start: Specify a start command.
- status: Specify a status command.
- stop: Specify a stop command.
Notify Resource
Sends an arbitrary message to the agent run-time log.
notify { "This message is getting logged on the agent node.": }
notify { "Mac warning": message => $operatingsystem ?
{ 'Darwin' => "This seems to be a Mac."
, default => "And I’m a PC.",
},
} Notify Attributes : message — Defaults to title.
exec resource
The exec resource type executes external commands on the client.When using execs, make sure the command can be safely run multiple times or specify that it should only run under certain conditions.
Example of exec resource:
exec { 'updatedb':
path => '/usr/bin',
creates => '/var/lib/mlocate/mlocate.db',
} exec Attributes:
- name: (namevar)
- command: Command to execute.
- user: Sets the user for the command to run as.
- group: Sets the group for the command to run as.
- creates: Specifies a file that if exists the command does not run.
- onlyif: A shell command that is run as a test to determine if the command should run.
- unless: A shell command that is run as a test to determine if the command should not run.
- refresh: Command to execute if the resource is refreshed due to a notify or subscribe metaparameter.
- refreshonly: Only run the command if the resource is refreshed due to a notify or subscribe metaparameter
- cwd: Sets the working directory.
- environment: Sets other environment variables
- path: Sets the path.
- returns: Sets the expected return code.
- timeouts: Sets the maximum time the command should take.
- logoutput: Rather output should be logged. Default is false. Can also be true or on_failure.
- tries: number of times to try the exec. Default 0.
- try_sleep: number of seconds to sleep between retries.
cron resource
Manages cron jobs on the puppet agents or clients. Largely self-explanatory.
Example of cron resource:
cron { 'logrotate':
command => '/usr/sbin/logrotate',
user => 'root',
hour => '2',
minute => '0',
} Attributes for the Cron Resource Type:
- command: The command executed in the cron job. (namevar)
- ensure: absent, present
- minute: The minute at which to run the cron job.
- hour: The hour at which to run the cron job.
- monthday: Day of month at which to run the cron job.
- month: The month in which to run the cron job.
- weekday: The weekday in which to run the cron job.
- user: Set the user.
user Resource
Manages user accounts on puppet agents or clients. mostly used for system users.
Exampel of user resource:
user { 'elvis':
ensure => present,
gid => 'sysadmin',
} User resource attributes:
- name: User name, OS specified limits apply. (namevar)
- ensure: The state of the user resource. Valid values are absent, present, role (Solaris specific).
- uid: The user’s uid number.
- gid: The user’s primary group. Can be specified numerically or by name.
- groups: The secondary group(s) to which the user is a member. The primary group should not be listed.
- home: The user’s home directory.
- comment: Description of user.
- shell: The user’s login shell.
- managehome: Whether to manage the home directory when managing the user. Valid values are true, false.
namevar resource
Each resource has a special attribute called a namevar.
user { 'elvis-presley':
ensure => present,
name => 'elvis',
gid => 'sysadmin',
} The namevar for the user resource is the name attribute.
group resource
Group resource is used to manage group on the puppet agents or clients.
Example of group resource:
group { 'sysadmin':
ensure => present,
gid => '5000',
} Basic Attributes for the group resource type:
- name: The group name. (namevar)
- ensure: Group resource state. Valid values are present, absent.
- gid: The numerical group ID.
- allowdupe: Whether to allow duplicate GIDs.
- members: Members of the group.